📄 batchmakep12.java
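} else {
            ks = KeyTools.createP12(alias, rsaKeys.getPrivate(), cert, cachain);
        }

        storeKeyStore(ks, username, password, createJKS, createPEM);
        String iMsg = intres.getLocalizedMessage("batch.createkeystore", username);
        log.info(iMsg);
        log.debug("<createUser: username=" + username);
    } // createUser

    /**
     * Obtains a key pair for one user, either recovered or freshly generated, and
     * passes it on to {@code createUser} to build the keystore.
     *
     * @param data user data for user
     * @param createJKS if a jks should be created
     * @param createPEM if pem files should be created
     * @param keyrecoverflag if we should try to recover already existing keys
     * @throws Exception if key recovery returns no data, or if anything below fails
     */
    private void processUser(UserDataVO data, boolean createJKS, boolean createPEM,
            boolean keyrecoverflag) throws Exception {
        KeyPair rsaKeys = null;
        X509Certificate orgCert = null;

        if (usekeyrecovery && keyrecoverflag) {
            IRaAdminSessionRemote raadmin = raadminhome.create();
            boolean reusecertificate = raadmin.getEndEntityProfile(administrator,
                    data.getEndEntityProfileId()).getReUseKeyRevoceredCertificate();

            // Recover Keys
            IKeyRecoverySessionRemote keyrecoverysession = keyrecoveryhome.create();
            KeyRecoveryData recoveryData = keyrecoverysession.keyRecovery(administrator,
                    data.getUsername(), data.getEndEntityProfileId());

            // NOTE(review): the user is unmarked before recoveryData is checked for
            // null, so a failed recovery still clears the mark when the profile
            // reuses certificates. Confirm this ordering is intended.
            if (reusecertificate) {
                keyrecoverysession.unmarkUser(administrator, data.getUsername());
            }

            if (recoveryData == null) {
                String errMsg = intres.getLocalizedMessage("batch.errornokeyrecoverydata",
                        data.getUsername());
                throw new Exception(errMsg);
            }
            rsaKeys = recoveryData.getKeyPair();
            if (reusecertificate) {
                orgCert = (X509Certificate) recoveryData.getCertificate();
            }
        } else {
            rsaKeys = KeyTools.genKeys(props.getKeySpec(), props.getKeyAlg());
        }

        // Get certificate for user and create P12
        if (rsaKeys != null) {
            // Freshly generated keys are flagged for key-recovery storage only when
            // the user is key recoverable; recovered keys are never flagged again.
            createUser(data.getUsername(), data.getPassword(), data.getCAId(), rsaKeys,
                    createJKS, createPEM, !keyrecoverflag && data.getKeyRecoverable(), orgCert);
        }
    } // processUser

    /**
     * Generates the keystore for one user if the user's token type is P12, PEM or JKS,
     * moving the user through INPROCESS to GENERATED.
     *
     * @param admin user admin session used to update the user's status and password
     * @param data user data for the user to process
     * @param status status the user was selected with; STATUS_KEYRECOVERY switches to key recovery
     * @return true if a keystore was generated, false if the token type is not supported
     * @throws Exception if key handling or a status update fails; the caller resets the status
     */
    private boolean doCreate(IUserAdminSessionRemote admin, UserDataVO data, int status)
            throws Exception {
        // get users Token Type.
        int tokentype = data.getTokenType();
        boolean createP12 = tokentype == SecConst.TOKEN_SOFT_P12;
        boolean createPEM = tokentype == SecConst.TOKEN_SOFT_PEM;
        boolean createJKS = tokentype == SecConst.TOKEN_SOFT_JKS;

        // Only generate supported tokens
        if (!(createP12 || createPEM || createJKS)) {
            log.debug("Cannot batchmake browser generated token for user (wrong tokentype)- " + data.getUsername());
            return false;
        }

        boolean keyrecovery = (status == UserDataConstants.STATUS_KEYRECOVERY);
        String startKey = keyrecovery ? "batch.retrieveingkeys" : "batch.generatingkeys";
        log.info(intres.getLocalizedMessage(startKey, data.getUsername()));

        // Grab new user, set status to INPROCESS
        admin.setUserStatus(administrator, data.getUsername(), UserDataConstants.STATUS_INPROCESS);
        processUser(data, createJKS, createPEM, keyrecovery);

        // If all was OK , set status to GENERATED
        admin.setUserStatus(administrator, data.getUsername(), UserDataConstants.STATUS_GENERATED);

        // Delete clear text password. This line is reached only on success: when
        // processUser throws, the stored clear-text password is left in place.
        admin.setClearTextPassword(administrator, data.getUsername(), null);

        String iMsg = intres.getLocalizedMessage("batch.generateduser", data.getUsername());
        log.info(iMsg);
        return true;
    } // doCreate

    /**
     * Creates P12-files for all users with status NEW in the local database.
     *
     * @throws Exception if something goes wrong...
     */
    public void createAllNew() throws Exception {
        log.debug(">createAllNew:");
        String iMsg = intres.getLocalizedMessage("batch.generatingallstatus", "NEW");
        log.info(iMsg);
        createAllWithStatus(UserDataConstants.STATUS_NEW);
        log.debug("<createAllNew:");
    } // createAllNew

    /**
     * Creates P12-files for all users with status FAILED in the local database.
     *
     * @throws Exception if something goes wrong...
     */
    public void createAllFailed() throws Exception {
        log.debug(">createAllFailed:");
        String iMsg = intres.getLocalizedMessage("batch.generatingallstatus", "FAILED");
        log.info(iMsg);
        createAllWithStatus(UserDataConstants.STATUS_FAILED);
        log.debug("<createAllFailed:");
    } // createAllFailed

    /**
     * Creates P12-files for all users with status KEYRECOVER in the local database.
     * Does nothing when key recovery is not enabled.
     *
     * @throws Exception if something goes wrong...
     */
    public void createAllKeyRecover() throws Exception {
        if (usekeyrecovery) {
            log.debug(">createAllKeyRecover:");
            String iMsg = intres.getLocalizedMessage("batch.generatingallstatus", "KEYRECOVER");
            log.info(iMsg);
            createAllWithStatus(UserDataConstants.STATUS_KEYRECOVERY);
            log.debug("<createAllKeyRecover:");
        }
    } // createAllKeyRecover

    /**
     * Creates keystores for all users with the given status in the local database.
     * Users are fetched in limited batches until a batch comes back short or empty.
     *
     * @param status the user status to select users by
     * @throws Exception if generation failed for at least one user in a batch, or if a
     *             status update fails
     */
    public void createAllWithStatus(int status) throws Exception {
        log.debug(">createAllWithStatus: " + status);

        ArrayList result;
        IUserAdminSessionRemote admin = adminhome.create();
        boolean stopnow = false;

        do {
            Collection queryResult = admin.findAllUsersByStatusWithLimit(administrator, status, true);

            // Keep only the users whose token type this tool can generate.
            result = new ArrayList();
            Iterator iter = queryResult.iterator();
            while (iter.hasNext()) {
                UserDataVO data = (UserDataVO) iter.next();
                int tokentype = data.getTokenType();
                if (tokentype == SecConst.TOKEN_SOFT_JKS || tokentype == SecConst.TOKEN_SOFT_PEM
                        || tokentype == SecConst.TOKEN_SOFT_P12) {
                    result.add(data);
                }
            }

            String iMsg = intres.getLocalizedMessage("batch.generatingnoofusers", new Integer(result.size()));
            log.info(iMsg);

            int failcount = 0;
            int successcount = 0;

            if (result.size() > 0) {
                // A batch shorter than the query limit is treated as the last one.
                if (result.size() < UserAdminConstants.MAXIMUM_QUERY_ROWCOUNT) {
                    stopnow = true;
                }

                StringBuffer failedusers = new StringBuffer();
                StringBuffer successusers = new StringBuffer();
                Iterator it = result.iterator();
                while (it.hasNext()) {
                    UserDataVO data = (UserDataVO) it.next();
                    String password = data.getPassword();
                    if ((password != null) && (password.length() > 0)) {
                        try {
                            if (doCreate(admin, data, status)) {
                                successusers.append(":").append(data.getUsername());
                                successcount++;
                            }
                        } catch (Exception e) {
                            // If things went wrong set status to FAILED
                            String errMsg = intres.getLocalizedMessage("batch.errorsetstatus", "FAILED");
                            log.error(errMsg, e);
                            failedusers.append(":").append(data.getUsername());
                            failcount++;
                            // Key-recovery users go back to KEYRECOVERY rather than FAILED.
                            if (status == UserDataConstants.STATUS_KEYRECOVERY) {
                                admin.setUserStatus(administrator, data.getUsername(), UserDataConstants.STATUS_KEYRECOVERY);
                            } else {
                                admin.setUserStatus(administrator, data.getUsername(), UserDataConstants.STATUS_FAILED);
                            }
                        }
                    } else {
                        iMsg = intres.getLocalizedMessage("batch.infonoclearpwd", data.getUsername());
                        log.info(iMsg);
                    }
                }

                if (failedusers.length() > 0) {
                    String errMsg = intres.getLocalizedMessage("batch.errorbatchfailed", new Integer(failcount),
                            new Integer(successcount), failedusers.toString());
                    throw new Exception(errMsg);
                }

                iMsg = intres.getLocalizedMessage("batch.success", new Integer(successcount), successusers.toString());
                log.info(iMsg);

                // No user changed status in this pass (no success, no failure), so the
                // next query would presumably return the same rows; stop instead of
                // looping forever on users that have no clear-text password.
                if (successcount == 0) {
                    stopnow = true;
                }
            }
        } while ((result.size() > 0) && !stopnow);

        log.debug("<createAllWithStatus: " + status);
    } // createAllWithStatus

    /**
     * Creates P12-files for one user in the local database. The user must have status
     * NEW, or KEYRECOVERY when key recovery is enabled. A user without a stored
     * clear-text password is skipped with an info message.
     *
     * @param username username
     * @throws Exception if the user does not exist or something goes wrong during generation
     */
    public void createUser(String username) throws Exception {
        log.debug(">createUser(" + username + ")");

        IUserAdminSessionRemote admin = adminhome.create();
        UserDataVO data = admin.findUser(administrator, username);

        // Check for a missing user before touching data; reading the status first
        // would fail with a NullPointerException instead of a usable message.
        if (data == null) {
            String errMsg = intres.getLocalizedMessage("batch.errorbatchfaileduser", username);
            log.error(errMsg);
            throw new Exception(errMsg);
        }

        String password = data.getPassword();
        if ((password != null) && (password.length() > 0)) {
            int status = data.getStatus();
            boolean eligible = (status == UserDataConstants.STATUS_NEW)
                    || ((status == UserDataConstants.STATUS_KEYRECOVERY) && usekeyrecovery);
            if (!eligible) {
                String errMsg = intres.getLocalizedMessage("batch.errorbatchfaileduser", username);
                log.error(errMsg);
                throw new Exception(errMsg);
            }

            try {
                doCreate(admin, data, status);
            } catch (Exception e) {
                // If things went wrong set status to FAILED
                String errMsg = intres.getLocalizedMessage("batch.errorsetstatus", "FAILED");
                log.error(errMsg, e);
                // Key-recovery users go back to KEYRECOVERY rather than FAILED.
                if (status == UserDataConstants.STATUS_KEYRECOVERY) {
                    admin.setUserStatus(administrator, data.getUsername(), UserDataConstants.STATUS_KEYRECOVERY);
                } else {
                    admin.setUserStatus(administrator, data.getUsername(), UserDataConstants.STATUS_FAILED);
                }
                errMsg = intres.getLocalizedMessage("batch.errorbatchfaileduser", username);
                throw new Exception(errMsg, e);
            }
        } else {
            // Same message the batch path logs for users without a clear-text password.
            log.info(intres.getLocalizedMessage("batch.infonoclearpwd", username));
        }

        log.debug("<createUser(" + username + ")");
    } // createUser

    /**
     * Main. Generates keystores for one named user, or for all users with status
     * NEW, FAILED and KEYRECOVER when no username is given.
     *
     * @param args command line arguments: [username] [-dir directory]
     */
    public static void main(String[] args) {
        try {
            BatchMakeP12 makep12 = new BatchMakeP12();
            String username = null;
            String directory = "p12";

            for (int i = 0; i < args.length; i++) {
                if ("-?".equalsIgnoreCase(args[i]) || "--help".equalsIgnoreCase(args[i])) {
                    System.out.println("Usage: batch [username] [-dir directory]");
                    System.out.println(" username: the name of the user to generate the key.");
                    System.out.println(" If omitted, keys will be generated for all users with status NEW or FAILED");
                    System.out.println(" directory: the name of the directory to store the keys to");
                    System.exit(1);
                } else if ("-dir".equalsIgnoreCase(args[i])) {
                    // "-dir" as the last argument has no value to read.
                    if (i + 1 >= args.length) {
                        System.out.println("Usage: batch [username] [-dir directory]");
                        System.exit(1);
                    }
                    directory = args[++i];
                } else {
                    username = args[i];
                }
            }

            // Create subdirectory 'p12' if it does not exist.
            // The keystores written here contain private keys, and mkdir() applies the
            // process default permissions: the directory should be readable only by
            // the account that runs the batch job.
            File dir = new File(directory).getCanonicalFile();
            // mkdir() also returns false when the directory already exists.
            if (!dir.mkdir() && !dir.isDirectory()) {
                throw new Exception("Could not create directory " + dir);
            }
            makep12.setMainStoreDir(directory);
            String iMsg = intres.getLocalizedMessage("batch.generateindir", dir);
            log.info(iMsg);

            if (username != null) {
                makep12.createUser(username);
            } else {
                // Make P12 for all NEW users in local DB
                makep12.createAllNew();
                // Make P12 for all FAILED users in local DB
                makep12.createAllFailed();
                // Make P12 for all KEYRECOVERABLE users in local DB
                makep12.createAllKeyRecover();
            }
        } catch (Exception e) {
            e.printStackTrace();
            System.exit(1);
        }
    } // main
} // BatchMakeP12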